Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 27 Jun 2009 15:18:33 -0400
From:      Jon Radel <jon@radel.com>
To:        Jos Chrispijn <jos@webrz.net>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Best practices for securing SSH server
Message-ID:  <4A467089.1040404@radel.com>
In-Reply-To: <4A4639B0.8080602@webrz.net>
References:  <b6c05a470906221816l4001b92cu82270632440ee8a@mail.gmail.com> <4A4639B0.8080602@webrz.net>
index | next in thread | previous in thread | raw e-mail 

[-- Attachment #1 --]
Jos Chrispijn wrote:
> 
> 
> Daniel Underwood wrote:
>> laptop to connect to the server.  Due to the speed and location of the
>> connection, it's a relatively high-risk target.
>>   
> Can you tell me what you mean with that? I mean, imho a server must been 
> consider always a risk target.
> Perhaps I don't understand.

As I believe has already been answered in this thread, the better 
connected a server is to the Internet, the higher its value to several 
varieties of miscreants.  Given a choice between a server connected via 
a close to saturated T1 somewhere in the back waters of the Internet and 
a server with multiple 100mbps+ connections to key backbones, somebody 
interested in staging DOS attacks or using the server as a base to 
"explore" other networks or ... is likely to find the latter server of 
greater interest.  About the only advantage I can think of for the 
former is that it's probably, other things being equal, less likely to 
be properly maintained and monitored.

-- 

--Jon Radel
jon@radel.com

[-- Attachment #2 --]
0	*H
010	+0	*H
	100\^
Xq0
	*H
0b10	UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA0
090225041326Z
100225041326Z0^10URadel10U*
Jon Thomas10UJon Thomas Radel10	*H
	
jon@radel.com0"0
	*H
0
O箩js;:|+\&W4fMcjDX&̡4g;}we62xrqF?6K#zjdf~pC.l5ծ>f%!T`O\BIe Gv$l\9BbkOBHnKl-q;
MlL (ٕ ,OJ%gCqb!?hض2y*0(0U0
jon@radel.com0U00
	*H
SWWƳN&⼮i#E[%Ҟ';uT}|m}^yըO-ʧ}BYp#tcSu
Bj8+G$bC4g/qi
77Stڄկ<`SNfT00\^
Xq0
	*H
0b10	UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA0
090225041326Z
100225041326Z0^10URadel10U*
Jon Thomas10UJon Thomas Radel10	*H
	
jon@radel.com0"0
	*H
0
O箩js;:|+\&W4fMcjDX&̡4g;}we62xrqF?6K#zjdf~pC.l5ծ>f%!T`O\BIe Gv$l\9BbkOBHnKl-q;
MlL (ٕ ,OJ%gCqb!?hض2y*0(0U0
jon@radel.com0U00
	*H
SWWƳN&⼮i#E[%Ҟ';uT}|m}^yըO-ʧ}BYp#tcSu
Bj8+G$bC4g/qi
77Stڄկ<`SNfT0?0
0
	*H
010	UZA10UWestern Cape10U	Cape Town10U
Thawte Consulting1(0&UCertification Services Division1$0"UThawte Personal Freemail CA1+0)	*H
	personal-freemail@thawte.com0
030717000000Z
130716235959Z0b10	UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA00
	*H
0Ħ<UsUNʙZhup[v:aQP
0cZ,p+Z?qV˯<6$*+w=+>@dקe*TH<a@dr`00U00CU<0:08642http://crl.thawte.com/ThawtePersonalFreemailCA.crl0U0)U"0 010UPrivateLabel2-1380
	*H
HP.
fgCL!6-6/P p<ab:~t%Pb'qW%ݩ9 Oe_N4[5MwV!x!5$F]_eO1d0`0v0b10	UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA^
Xq0	+0	*H
	1	*H
0	*H
	1
090627191833Z0#	*H
	1 tr-pfqdc20R	*H
	1E0C0
*H
0*H
0
*H
@0+0
*H
(0	+71x0v0b10	UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA^
Xq0*H
	1xv0b10	UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA^
Xq0
	*H
Z1\t#b,:y1f'KX3:^7NbMo%Ply}!
k6ڈLAC=Q2Mw[5_L[3#0-JiЗjQn5Zja2>HNa\;%`l[C*}>>K*ՑN,:g~ŌsZ[ۦ=rp鄽ǍCHzXEN$яV8vR"{o^Bd_6
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4A467089.1040404>